package filter;
import bean.Staff;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebFilter(filterName = "authorityFilter")
public class authorityFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) {
    }
    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        String uri=request.getRequestURI();
        Staff staff=(Staff)((HttpServletRequest) req).getSession().getAttribute("staff");
        if(staff.getSt_id()==1&&!uri.endsWith("index.jsp")&&!uri.endsWith("/login/dgut")){
            response.setContentType("text/html");
            response.setCharacterEncoding("UTF-8");
            response.getWriter().println("你没有权限操作后台");
            response.sendRedirect("xxxxxxxxx");
        }
        else{
            chain.doFilter(req, resp);
        }
    }
    @Override
    public void destroy() {
    }
}